Matthias Andree <[email protected]> noticed that the constraint
offset was always off by 3600 seconds for him (running OpenNTPD on
FreeBSD with CET timezone).
The way we parse the HTTP date in the ntpd constraint code isn't
portable:
if (strptime(p, "%a, %d %h %Y %T %Z",
&httpsdate->tls_tm) == NULL) {
...
/* Return parsed date as local time */
t = timegm(&httpsdate->tls_tm);
Neither %Z nor any kind of timezone information in struct tm are
in POSIX. We end up with a time that, depending on the operating
system, is off by the offset between local time and UTC.
Since we only support the preferred HTTP date format from
https://tools.ietf.org/html/rfc7231#section-7.1.1.1
for which the timezone is fixed as the literal string "GMT",
I suggest to simply replace %Z with GMT in the strptime() call.
Comments? OK?
Index: constraint.c
===================================================================
RCS file: /cvs/src/usr.sbin/ntpd/constraint.c,v
retrieving revision 1.25
diff -u -p -r1.25 constraint.c
--- constraint.c 27 Jan 2016 21:48:34 -0000 1.25
+++ constraint.c 4 Mar 2016 22:12:37 -0000
@@ -903,7 +903,7 @@ httpsdate_request(struct httpsdate *http
* or ANSI C's asctime() - the latter doesn't include
* the timezone which is required here.
*/
- if (strptime(p, "%a, %d %h %Y %T %Z",
+ if (strptime(p, "%a, %d %h %Y %T GMT",
&httpsdate->tls_tm) == NULL) {
log_warnx("unsupported date format");
free(line);
--
Christian "naddy" Weisgerber [email protected]
